The Blu-ray Disc Association (BDA) is an industry consortium responsible for establishing format standards and specifications for the Blu-ray Disc media format. For example, the BDA has authored a format specification related to playback of pre-recorded audiovisual programs by Blu-ray Disc playback devices (BD-Players) known generally as the “Blu-ray Disc Read-Only (ROM) Format”. Other format specifications authored by the BDA include the “Blu-ray Disc Recordable (R) Format” and the “Blu-ray Disc Rewritable (RE) Format”. The BDA format specifications are referred to herein collectively as the Blu-ray Disc Specification, or BD-Specification.
An aspect of the BD-Specification facilitates the development of computer program logic or applications for the Blu-ray Disc Player platform that provide enhanced or interactive content to viewers. These applications are referred to in the BD-Specification as Blu-ray Disc Java Applications, or BD-J Applications. For example, a BD-J Application may be authored that provides, among other things, a picture-in-picture movie commentary or an interactive game to accompany the primary Blu-ray Disc content.
The version of the BD-Specification known as “BD-Live” requires compliant BD-Players to implement networking functionality for connecting to a data network, such as the Internet. A BD-J Application executing on a compliant BD-Player can use the network capability to download and play back content such as, for example, a full-length motion picture received from a remote server over the Internet. For example, a subscription-based content provider may author a BD-J Application that, upon execution by a BD-Player, connects to a server and downloads a list of movie titles that are available for viewing on a pay-per-view basis or as part of a subscription service. The viewer may then select one of the titles from a menu presented on the viewer's television screen, whereupon the BD-J Application will download successive portions of the selected movie title from a server and instruct the BD-Player to play back the portions as they are received. In this way, a BD-J Application executing on a BD-Player can provide playback of streaming video downloaded over the Internet or other network.
To protect against unauthorized access to copyrighted content downloaded over a network, BD-Players may implement the Advanced Access Content System (AACS) content protection system. The AACS is a standard for content distribution and digital rights management developed by an industry consortium with the aim of restricting unauthorized access to AACS protected content recorded on removable media (e.g., Blu-ray Discs) or downloaded over a network such as the Internet. The AACS standard includes the following specification books authored by the AACS consortium members: “Introduction and Common Cryptographic Elements Revision 0.91 Feb. 17, 2007”, “Pre-recorded Video Book Revision 0.92 Nov. 29, 2008”, and “Blu-ray Disc Pre-recorded Book Revision 0.921 Jun. 6, 2008.” These books are referred to herein collectively as the AACS Specification.
Content providers that deliver AACS protected content over the Internet and network-enabled playback devices that download AACS protected content may implement a certain encryption/decryption scheme to protect and access content. While AACS may be sufficient to protect against unauthorized access to AACS protected content, AACS does not provide explicit mechanisms for a content provider that delivers AACS protected content over a network to authenticate clients such as playback devices that request content or request other information such as, for example, subscription information like movie viewing history or billing information.
What is needed are techniques in a networked client and server for the server to reliably authenticate client applications that are executing in AACS-compliant environments. Ideally, the solution should allow the server to reliably distinguish between client applications that are executing on non-revoked, AACS-compliant platforms and client applications that are executing in revoked AACS environments or not executing within an AACS-compliant environment. Further, the solution should allow the server to reliably identify the client with whom the server is communicating such that the server can safely communicate private information to the client. These and other needs are addressed by the invention described herein.
The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.